RE: [incidents] Bots hitting my web server?

[<zcat () bsd co nz>]

> You're not seeing bots, you're seeing surfers in a misguided
> attempt to keep their "anonymity," or to defeat proxies
> that filter by domain/host in corporate/school environments
> (hence the porn site requests you see in your logs).

Here's another suggestion. Reconfigure apache so that every time someone
attempts to use it as a proxy it returns (in the appropriate format;
html, jpg, etc to match the request) a small message announcing that the
request and client IP are being logged to a publically accessable web
page. On that web page explain WHY you're doing this (cost of bandwidth
etc). That should get you off the end-user's proxy lists very quickly,
and will eventually help with the public lists too. And it'll educate a
few of the proxy-list users who are probably under the impression that all
proxies are run intentionally as a public service, like IRC servers and
MUD's.



----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com